Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-57211

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-10 Jul, 2026 | 20:16
Updated At-13 Jul, 2026 | 16:13
Rejected At-
Credits

RabbitMQ: UNC SSRF affecting the management UI on Windows

RabbitMQ is a messaging and streaming broker. Prior to 4.1.11 and 4.2.6 on Windows, the RabbitMQ management plugin static file handler rabbit_mgmt_wm_static can pass URL-encoded backslashes to erl_prim_loader:read_file_info before path validation when multiple management extension plugins are enabled, causing outbound DNS and SMB requests to attacker-controlled UNC paths. This issue is fixed in versions 4.1.11 and 4.2.6.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:10 Jul, 2026 | 20:16
Updated At:13 Jul, 2026 | 16:13
Rejected At:
â–¼CVE Numbering Authority (CNA)
RabbitMQ: UNC SSRF affecting the management UI on Windows

RabbitMQ is a messaging and streaming broker. Prior to 4.1.11 and 4.2.6 on Windows, the RabbitMQ management plugin static file handler rabbit_mgmt_wm_static can pass URL-encoded backslashes to erl_prim_loader:read_file_info before path validation when multiple management extension plugins are enabled, causing outbound DNS and SMB requests to attacker-controlled UNC paths. This issue is fixed in versions 4.1.11 and 4.2.6.

Affected Products
Vendor
rabbitmq
Product
rabbitmq-server
Versions
Affected
  • >= 4.2.0, < 4.2.6
  • >= 4.1.0, < 4.1.11
Problem Types
TypeCWE IDDescription
CWECWE-36CWE-36: Absolute Path Traversal
CWECWE-918CWE-918: Server-Side Request Forgery (SSRF)
Type: CWE
CWE ID: CWE-36
Description: CWE-36: Absolute Path Traversal
Type: CWE
CWE ID: CWE-918
Description: CWE-918: Server-Side Request Forgery (SSRF)
Metrics
VersionBase scoreBase severityVector
3.16.5MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-7v84-m3g5-vxq6
x_refsource_CONFIRM
https://github.com/rabbitmq/rabbitmq-server/pull/15803
x_refsource_MISC
https://github.com/rabbitmq/rabbitmq-server/commit/39c3a8e9c71da0403d8dfc13f700e60c936e3682
x_refsource_MISC
https://github.com/rabbitmq/rabbitmq-server/commit/6730797f6a34b4e8308cea60adf1243857e70204
x_refsource_MISC
https://github.com/rabbitmq/rabbitmq-server/releases/tag/v4.2.6
x_refsource_MISC
Hyperlink: https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-7v84-m3g5-vxq6
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/rabbitmq/rabbitmq-server/pull/15803
Resource:
x_refsource_MISC
Hyperlink: https://github.com/rabbitmq/rabbitmq-server/commit/39c3a8e9c71da0403d8dfc13f700e60c936e3682
Resource:
x_refsource_MISC
Hyperlink: https://github.com/rabbitmq/rabbitmq-server/commit/6730797f6a34b4e8308cea60adf1243857e70204
Resource:
x_refsource_MISC
Hyperlink: https://github.com/rabbitmq/rabbitmq-server/releases/tag/v4.2.6
Resource:
x_refsource_MISC
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-7v84-m3g5-vxq6
exploit
Hyperlink: https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-7v84-m3g5-vxq6
Resource:
exploit
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:10 Jul, 2026 | 21:16
Updated At:13 Jul, 2026 | 22:40

RabbitMQ is a messaging and streaming broker. Prior to 4.1.11 and 4.2.6 on Windows, the RabbitMQ management plugin static file handler rabbit_mgmt_wm_static can pass URL-encoded backslashes to erl_prim_loader:read_file_info before path validation when multiple management extension plugins are enabled, causing outbound DNS and SMB requests to attacker-controlled UNC paths. This issue is fixed in versions 4.1.11 and 4.2.6.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.16.5MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
Primary3.110.0CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
N/A
Type: Secondary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
Type: Primary
Version: 3.1
Base score: 10.0
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

Broadcom Inc.
broadcom
>>rabbitmq_server>>Versions from 4.1.0(inclusive) to 4.2.6(exclusive)
cpe:2.3:a:broadcom:rabbitmq_server:*:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows>>-
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-36Secondarysecurity-advisories@github.com
CWE-918Secondarysecurity-advisories@github.com
CWE ID: CWE-36
Type: Secondary
Source: security-advisories@github.com
CWE ID: CWE-918
Type: Secondary
Source: security-advisories@github.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/rabbitmq/rabbitmq-server/commit/39c3a8e9c71da0403d8dfc13f700e60c936e3682security-advisories@github.com
Patch
https://github.com/rabbitmq/rabbitmq-server/commit/6730797f6a34b4e8308cea60adf1243857e70204security-advisories@github.com
Patch
https://github.com/rabbitmq/rabbitmq-server/pull/15803security-advisories@github.com
Issue Tracking
Patch
https://github.com/rabbitmq/rabbitmq-server/releases/tag/v4.2.6security-advisories@github.com
Release Notes
https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-7v84-m3g5-vxq6security-advisories@github.com
Exploit
Vendor Advisory
https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-7v84-m3g5-vxq6134c704f-9b21-4f2e-91b3-4a467353bcc0
Exploit
Vendor Advisory
Hyperlink: https://github.com/rabbitmq/rabbitmq-server/commit/39c3a8e9c71da0403d8dfc13f700e60c936e3682
Source: security-advisories@github.com
Resource:
Patch
Hyperlink: https://github.com/rabbitmq/rabbitmq-server/commit/6730797f6a34b4e8308cea60adf1243857e70204
Source: security-advisories@github.com
Resource:
Patch
Hyperlink: https://github.com/rabbitmq/rabbitmq-server/pull/15803
Source: security-advisories@github.com
Resource:
Issue Tracking
Patch
Hyperlink: https://github.com/rabbitmq/rabbitmq-server/releases/tag/v4.2.6
Source: security-advisories@github.com
Resource:
Release Notes
Hyperlink: https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-7v84-m3g5-vxq6
Source: security-advisories@github.com
Resource:
Exploit
Vendor Advisory
Hyperlink: https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-7v84-m3g5-vxq6
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource:
Exploit
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

174Records found

CVE-2026-35431
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-0.51% / 40.19%
||
7 Day CHG~0.00%
Published-23 Apr, 2026 | 21:37
Updated-19 Jun, 2026 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Entra ID Entitlement Management Spoofing Vulnerability

Server-side request forgery (ssrf) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-entra_idMicrosoft Entra
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2023-3765
Matching Score-10
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-10
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-10||CRITICAL
EPSS-70.74% / 99.32%
||
7 Day CHG~0.00%
Published-19 Jul, 2023 | 00:53
Updated-24 Oct, 2024 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Absolute Path Traversal in mlflow/mlflow

Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0.

Action-Not Available
Vendor-lfprojectsmlflowlfprojectsMicrosoft Corporation
Product-windowsmlflowmlflow/mlflowmlflow
CWE ID-CWE-36
Absolute Path Traversal
CVE-2026-32169
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-0.55% / 42.34%
||
7 Day CHG~0.00%
Published-19 Mar, 2026 | 21:06
Updated-19 Jun, 2026 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Cloud Shell Elevation of Privilege Vulnerability

Server-side request forgery (ssrf) in Azure Cloud Shell allows an unauthorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_cloud_shellAzure Cloud Shell
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-33107
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-0.70% / 49.21%
||
7 Day CHG~0.00%
Published-02 Apr, 2026 | 23:26
Updated-19 Jun, 2026 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Databricks Elevation of Privilege Vulnerability

Server-side request forgery (ssrf) in Azure Databricks allows an unauthorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_databricksAzure Databricks
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-32186
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-0.70% / 49.21%
||
7 Day CHG~0.00%
Published-03 Apr, 2026 | 17:22
Updated-19 Jun, 2026 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Bing Elevation of Privilege Vulnerability

Server-side request forgery (ssrf) in Microsoft Bing allows an unauthorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-bingMicrosoft Bing
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-26138
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-8.6||HIGH
EPSS-0.57% / 43.22%
||
7 Day CHG~0.00%
Published-19 Mar, 2026 | 21:06
Updated-19 Jun, 2026 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Purview Elevation of Privilege Vulnerability

Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-purviewMicrosoft Purview
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-26150
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-8.6||HIGH
EPSS-0.57% / 43.22%
||
7 Day CHG~0.00%
Published-23 Apr, 2026 | 21:37
Updated-19 Jun, 2026 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Purview eDiscovery Elevation of Privilege Vulnerability

Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-purview_ediscoveryMicrosoft Purview eDiscovery
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2025-59503
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-0.70% / 49.05%
||
7 Day CHG~0.00%
Published-23 Oct, 2025 | 21:18
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Compute Resource Provider Elevation of Privilege Vulnerability

Server-side request forgery (ssrf) in Azure Compute Gallery allows an unauthorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_compute_resource_providerAzure Compute Resource Provider
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2020-1467
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-3.55% / 88.01%
||
7 Day CHG~0.00%
Published-17 Aug, 2020 | 19:13
Updated-23 Feb, 2026 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Hard Link Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses the vulnerability by correcting how Windows handles hard links.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_rt_8.1windows_server_2012windows_server_2008windows_10windows_8.1windows_7windows_server_2019Windows 10 Version 1607Windows Server version 2004Windows Server 2019 (Server Core installation)Windows 10 Version 1903 for x64-based SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 10 Version 1903 for 32-bit SystemsWindows 8.1Windows 7Windows Server 2012 (Server Core installation)Windows 10 Version 1909Windows 7 Service Pack 1Windows Server 2016Windows 10 Version 2004Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server, version 1909 (Server Core installation)Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows Server, version 1903 (Server Core installation)
CVE-2025-57870
Matching Score-8
Assigner-Environmental Systems Research Institute, Inc.
ShareView Details
Matching Score-8
Assigner-Environmental Systems Research Institute, Inc.
CVSS Score-10||CRITICAL
EPSS-0.51% / 39.88%
||
7 Day CHG+0.01%
Published-22 Oct, 2025 | 14:26
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BUG-000179884 - There is a security vulnerability in ArcGIS Server Feature Services.

A SQL Injection vulnerability exists in Esri ArcGIS Server versions 11.3, 11.4 and 11.5 on Windows, Linux and Kubernetes. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary SQL commands via a specific ArcGIS Feature Service operation. Successful exploitation can potentially result in unauthorized access, modification, or deletion of data from the underlying Enterprise Geodatabase.

Action-Not Available
Vendor-Environmental Systems Research Institute, Inc. ("Esri")KubernetesLinux Kernel Organization, IncMicrosoft Corporation
Product-arcgis_serverlinux_kernelwindowskubernetesArcGIS Server
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2020-1472
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-99.51% / 99.94%
||
7 Day CHG~0.00%
Published-17 Aug, 2020 | 19:13
Updated-23 Feb, 2026 | 20:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.
Netlogon Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network. To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels. For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020). When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.

Action-Not Available
Vendor-SambaOracle CorporationSynology, Inc.openSUSEMicrosoft CorporationCanonical Ltd.Fedora ProjectDebian GNU/Linux
Product-windows_server_2016windows_server_2004directory_serverzfs_storage_appliance_kitleapwindows_server_1903windows_server_2012windows_server_2008debian_linuxwindows_server_20h2ubuntu_linuxwindows_server_1909sambafedorawindows_server_2019Windows Server 2012 (Server Core installation)Windows Server 2019Windows Server 2008 R2 Service Pack 1Windows Server 2016 (Server Core installation)Windows Server 2012Windows Server 2012 R2Windows Server 2019 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server, version 1903 (Server Core installation)Windows Server, version 1909 (Server Core installation)Windows Server 2016Windows Server version 20H2Windows Server version 2004Netlogon
CVE-2020-1350
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-92.18% / 99.81%
||
7 Day CHG~0.00%
Published-14 Jul, 2020 | 22:54
Updated-29 Oct, 2025 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka 'Windows DNS Server Remote Code Execution Vulnerability'.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_server_2019windows_server_2016windows_server_2012Windows ServerWindows Server, version 1909 (Server Core installation)Windows Server, version 2004 (Server Core installation)Windows Server, version 1903 (Server Core installation)Windows
CWE ID-CWE-20
Improper Input Validation
CVE-2025-54914
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-2.24% / 80.88%
||
7 Day CHG~0.00%
Published-04 Sep, 2025 | 23:09
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Networking Elevation of Privilege Vulnerability

Azure Networking Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_networkingNetworking
CWE ID-CWE-284
Improper Access Control
CVE-2020-12388
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-10||CRITICAL
EPSS-2.71% / 84.34%
||
7 Day CHG~0.00%
Published-26 May, 2020 | 17:04
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.

Action-Not Available
Vendor-Mozilla CorporationMicrosoft Corporation
Product-firefoxwindowsfirefox_esrFirefoxFirefox ESR
CWE ID-CWE-20
Improper Input Validation
CVE-2025-55241
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-1.55% / 72.29%
||
7 Day CHG~0.00%
Published-04 Sep, 2025 | 23:09
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Entra ID Elevation of Privilege Vulnerability

Azure Entra ID Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-entra_idMicrosoft Entra
CWE ID-CWE-287
Improper Authentication
CVE-2022-1884
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-10||CRITICAL
EPSS-1.77% / 75.72%
||
7 Day CHG~0.00%
Published-15 Nov, 2024 | 10:53
Updated-19 Nov, 2024 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Command Execution in gogs/gogs

A remote command execution vulnerability exists in gogs/gogs versions <=0.12.7 when deployed on a Windows server. The vulnerability arises due to improper validation of the `tree_path` parameter during file uploads. An attacker can set `tree_path=.git.` to upload a file into the .git directory, allowing them to write or rewrite the `.git/config` file. If the `core.sshCommand` is set, this can lead to remote command execution.

Action-Not Available
Vendor-gogsgogsgogsMicrosoft Corporation
Product-windowsgogsgogs/gogsgogs
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2020-0796
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-99.81% / 99.96%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 15:48
Updated-29 Oct, 2025 | 14:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-08-10||Apply updates per vendor instructions.

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1903windows_server_1903windows_10_1909windows_server_1909Windows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1903 for 32-bit SystemsWindows 10 Version 1909 for x64-based SystemsWindows 10 Version 1909 for 32-bit SystemsWindows Server, version 1903 (Server Core installation)Windows Server, version 1909 (Server Core installation)Windows 10 Version 1903 for x64-based SystemsWindows 10 Version 1909 for ARM64-based SystemsSMBv3
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-37705
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-10||CRITICAL
EPSS-2.42% / 82.30%
||
7 Day CHG~0.00%
Published-13 Aug, 2021 | 20:15
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Authorization and Origin Validation Error in OneFuzz

OneFuzz is an open source self-hosted Fuzzing-As-A-Service platform. Starting with OneFuzz 2.12.0 or greater, an incomplete authorization check allows an authenticated user from any Azure Active Directory tenant to make authorized API calls to a vulnerable OneFuzz instance. To be vulnerable, a OneFuzz deployment must be both version 2.12.0 or greater and deployed with the non-default --multi_tenant_domain option. This can result in read/write access to private data such as software vulnerability and crash information, security testing tools and proprietary code and symbols. Via authorized API calls, this also enables tampering with existing data and unauthorized code execution on Azure compute resources. This issue is resolved starting in release 2.31.0, via the addition of application-level check of the bearer token's `issuer` against an administrator-configured allowlist. As a workaround users can restrict access to the tenant of a deployed OneFuzz instance < 2.31.0 by redeploying in the default configuration, which omits the `--multi_tenant_domain` option.

Action-Not Available
Vendor-Microsoft Corporation
Product-onefuzzonefuzz
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-346
Origin Validation Error
CWE ID-CWE-863
Incorrect Authorization
CVE-2025-34028
Matching Score-8
Assigner-VulnCheck
ShareView Details
Matching Score-8
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-97.29% / 99.89%
||
7 Day CHG+0.13%
Published-22 Apr, 2025 | 16:32
Updated-29 Nov, 2025 | 02:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-05-23||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Commvault Command Center Innovation Release <= 11.38.25 Unathenticated Install Package Path Traversal

The Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files that represent install packages that, when expanded by the target server, are vulnerable to path traversal vulnerability that can result in Remote Code Execution via malicious JSP. This issue affects Command Center Innovation Release: 11.38.0 to 11.38.20. The vulnerability is fixed in 11.38.20 with SP38-CU20-433 and SP38-CU20-436 and also fixed in 11.38.25 with SP38-CU25-434 and SP38-CU25-438.

Action-Not Available
Vendor-Commvault Systems, Inc.Linux Kernel Organization, IncMicrosoft Corporation
Product-windowslinux_kernelcommvaultCommand Center Innovation ReleaseCommand Center
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2019-14678
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||CRITICAL
EPSS-2.95% / 85.63%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 20:59
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAS XML Mapper 9.45 has an XML External Entity (XXE) vulnerability that can be leveraged by malicious attackers in multiple ways. Examples are Local File Reading, Out Of Band File Exfiltration, Server Side Request Forgery, and/or Potential Denial of Service attacks. This vulnerability also affects the XMLV2 LIBNAME engine when the AUTOMAP option is used.

Action-Not Available
Vendor-sasn/aMicrosoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-windows_server_2016windows_8linux_kernelwindows_8.1windows_server_2012solarishp-uxwindowswindows_7windows_10xml_mapperz\/osaixbase_saswindows_server_2019n/a
CWE ID-CWE-611
Improper Restriction of XML External Entity Reference
CVE-2025-29813
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-1.53% / 72.00%
||
7 Day CHG~0.00%
Published-08 May, 2025 | 22:17
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure DevOps Elevation of Privilege Vulnerability

Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_devopsAzure DevOps
CWE ID-CWE-302
Authentication Bypass by Assumed-Immutable Data
CWE ID-CWE-287
Improper Authentication
CVE-2026-57216
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.47% / 37.51%
||
7 Day CHG+0.13%
Published-10 Jul, 2026 | 20:20
Updated-13 Jul, 2026 | 21:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RabbitMQ: AMQP 1.0, AMQP 0-9-1, Stream Protocol loopback enforcement can lead to remote guest sessions due to listener-address loopback checks

RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, AMQP 0-9-1, AMQP 1.0, and Stream Protocol authentication can allow a loopback-restricted user such as guest to connect remotely when traffic is accepted through a trusted PROXY-protocol path and the backend listener is loopback-bound because the loopback check uses the listener-side socket address instead of the real client source. This issue is fixed in versions 3.13.15, 4.0.20, 4.1.11, and 4.2.6.

Action-Not Available
Vendor-rabbitmqBroadcom Inc.
Product-rabbitmq_serverrabbitmq-server
CWE ID-CWE-287
Improper Authentication
CVE-2021-26472
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||CRITICAL
EPSS-2.46% / 82.64%
||
7 Day CHG~0.00%
Published-08 Jun, 2021 | 18:37
Updated-16 Sep, 2024 | 22:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated remote command execution with SYSTEM privileges in Vembu products

In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges.

Action-Not Available
Vendor-vembun/aMicrosoft Corporation
Product-offsite_drwindowsbdr_suiten/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-48303
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-10||CRITICAL
EPSS-0.55% / 42.49%
||
7 Day CHG~0.00%
Published-09 Jun, 2026 | 20:59
Updated-12 Jun, 2026 | 15:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Campaign Classic (ACC) | Incorrect Authorization (CWE-863)

Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.

Action-Not Available
Vendor-Linux Kernel Organization, IncMicrosoft CorporationAdobe Inc.
Product-linux_kernelwindowscampaignAdobe Campaign Classic (ACC)
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-48286
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-10||CRITICAL
EPSS-0.71% / 49.48%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 15:08
Updated-01 Jul, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Campaign Classic (ACC) | Incorrect Authorization (CWE-863)

Adobe Campaign Classic (ACC) versions 7.4.3 build 9396 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.

Action-Not Available
Vendor-Microsoft CorporationAdobe Inc.Linux Kernel Organization, Inc
Product-campaignwindowslinux_kernelAdobe Campaign Classic (ACC)
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-47280
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-0.49% / 39.12%
||
7 Day CHG~0.00%
Published-22 May, 2026 | 22:03
Updated-19 Jun, 2026 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Resource Manager Elevation of Privilege Vulnerability

Improper authentication in Azure Resource Manager (ARM) allows an unauthorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_resource_managerAzure Resource Manager
CWE ID-CWE-287
Improper Authentication
CVE-2026-45480
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-0.56% / 42.96%
||
7 Day CHG~0.00%
Published-19 Jun, 2026 | 20:27
Updated-15 Jul, 2026 | 20:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Active Directory Elevation of Privilege Vulnerability

Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_active_directoryAzure Active Directory
CWE ID-CWE-287
Improper Authentication
CVE-2023-38187
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.69% / 48.69%
||
7 Day CHG~0.00%
Published-21 Jul, 2023 | 17:51
Updated-28 Feb, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-edge_chromiumMicrosoft Edge (Chromium-based)
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-42901
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-0.30% / 22.03%
||
7 Day CHG~0.00%
Published-22 May, 2026 | 22:04
Updated-19 Jun, 2026 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Entra ID Elevation of Privilege Vulnerability

Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-entra_idMicrosoft Entra
CWE ID-CWE-346
Origin Validation Error
CVE-2026-42822
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-0.49% / 39.12%
||
7 Day CHG~0.00%
Published-18 May, 2026 | 17:03
Updated-19 Jun, 2026 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Local Disconnected Operations (ALDO) Elevation of Privilege Vulnerability

Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_resource_managerazure_localAzure Local
CWE ID-CWE-287
Improper Authentication
CVE-2026-42891
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.29% / 20.50%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:59
Updated-19 Jun, 2026 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-edge_chromiumMicrosoft Edge for Android
CWE ID-CWE-451
User Interface (UI) Misrepresentation of Critical Information
CVE-2026-41104
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-0.92% / 56.33%
||
7 Day CHG~0.00%
Published-22 May, 2026 | 22:04
Updated-19 Jun, 2026 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Planetary Computer Pro Information Disclosure Vulnerability

Deserialization of untrusted data in Microsoft Planetary Computer Pro allows an unauthorized attacker to disclose information over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-planetary_computerMicrosoft Planetary Computer Pro (GeoCatalog)
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2022-24760
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-10||CRITICAL
EPSS-49.08% / 98.75%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 23:55
Updated-22 Apr, 2025 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command Injection in Parse server

Parse Server is an open source http web server backend. In versions prior to 4.10.7 there is a Remote Code Execution (RCE) vulnerability in Parse Server. This vulnerability affects Parse Server in the default configuration with MongoDB. The main weakness that leads to RCE is the Prototype Pollution vulnerable code in the file `DatabaseController.js`, so it is likely to affect Postgres and any other database backend as well. This vulnerability has been confirmed on Linux (Ubuntu) and Windows. Users are advised to upgrade as soon as possible. The only known workaround is to manually patch your installation with code referenced at the source GHSA-p6h4-93qp-jhcm.

Action-Not Available
Vendor-parseplatformparse-communityMicrosoft CorporationCanonical Ltd.
Product-ubuntu_linuxparse-serverwindowsparse-server
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVE-2023-27497
Matching Score-8
Assigner-SAP SE
ShareView Details
Matching Score-8
Assigner-SAP SE
CVSS Score-10||CRITICAL
EPSS-0.75% / 50.86%
||
7 Day CHG~0.00%
Published-11 Apr, 2023 | 02:37
Updated-07 Feb, 2025 | 19:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple vulnerabilities in SAP Diagnostics Agent (EventLogServiceCollector)

Due to missing authentication and input sanitization of code the EventLogServiceCollector of SAP Diagnostics Agent - version 720, allows an attacker to execute malicious scripts on all connected Diagnostics Agents running on Windows. On successful exploitation, the attacker can completely compromise confidentiality, integrity and availability of the system.

Action-Not Available
Vendor-SAP SEMicrosoft Corporation
Product-windowsdiagnostics_agentDiagnostics Agent (EventLogServiceCollector)
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2024-43547
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.65% / 47.12%
||
7 Day CHG-0.01%
Published-08 Oct, 2024 | 17:35
Updated-09 Jun, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kerberos Information Disclosure Vulnerability

Windows Kerberos Information Disclosure Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_11_24h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows 11 Version 23H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2016Windows 10 Version 1607Windows 11 version 21H2Windows Server 2019 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2012 R2 (Server Core installation)Windows Server 2008 R2 Service Pack 1Windows 10 Version 21H2Windows 10 Version 1507Windows 11 Version 24H2Windows Server 2008 Service Pack 2 (Server Core installation)Windows 11 version 22H3Windows Server 2008 Service Pack 2Windows Server 2016 (Server Core installation)Windows 10 Version 1809Windows Server 2012 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H2Windows Server 2022Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2
CWE ID-CWE-325
Missing Cryptographic Step
CVE-2026-42826
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-0.84% / 53.76%
||
7 Day CHG~0.00%
Published-07 May, 2026 | 20:59
Updated-19 Jun, 2026 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure DevOps Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized attacker to disclose information over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_devopsAzure DevOps
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2026-40412
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-0.53% / 41.47%
||
7 Day CHG~0.00%
Published-22 May, 2026 | 22:03
Updated-19 Jun, 2026 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Orbital Spatio Remote Code Execution Vulnerability

Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attacker to execute code over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_orbital_spatioAzure Orbital Spatio
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2026-35435
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-8.6||HIGH
EPSS-1.16% / 63.72%
||
7 Day CHG~0.00%
Published-07 May, 2026 | 20:58
Updated-19 Jun, 2026 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure AI Foundry Elevation of Privilege Vulnerability

Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_ai_foundryAzure AI Foundry
CWE ID-CWE-284
Improper Access Control
CVE-2026-33819
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-0.84% / 53.76%
||
7 Day CHG~0.00%
Published-23 Apr, 2026 | 21:35
Updated-19 Jun, 2026 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Bing Remote Code Execution Vulnerability

Deserialization of untrusted data in Microsoft Bing allows an unauthorized attacker to execute code over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-bingMicrosoft Bing
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-33105
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-0.72% / 49.78%
||
7 Day CHG~0.00%
Published-02 Apr, 2026 | 23:26
Updated-19 Jun, 2026 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability

Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_kubernetes_serviceAzure Kubernetes Service
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-32213
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-0.91% / 56.11%
||
7 Day CHG~0.00%
Published-02 Apr, 2026 | 23:26
Updated-19 Jun, 2026 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure AI Foundry Elevation of Privilege Vulnerability

Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_ai_foundryAzure AI Foundry
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-24576
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-10||CRITICAL
EPSS-20.34% / 97.19%
||
7 Day CHG~0.00%
Published-09 Apr, 2024 | 17:28
Updated-05 Jan, 2026 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rusts's `std::process::Command` did not properly escape arguments of batch files on Windows

Rust is a programming language. The Rust Security Response WG was notified that the Rust standard library prior to version 1.77.2 did not properly escape arguments when invoking batch files (with the `bat` and `cmd` extensions) on Windows using the `Command`. An attacker able to control the arguments passed to the spawned process could execute arbitrary shell commands by bypassing the escaping. The severity of this vulnerability is critical for those who invoke batch files on Windows with untrusted arguments. No other platform or use is affected. The `Command::arg` and `Command::args` APIs state in their documentation that the arguments will be passed to the spawned process as-is, regardless of the content of the arguments, and will not be evaluated by a shell. This means it should be safe to pass untrusted input as an argument. On Windows, the implementation of this is more complex than other platforms, because the Windows API only provides a single string containing all the arguments to the spawned process, and it's up to the spawned process to split them. Most programs use the standard C run-time argv, which in practice results in a mostly consistent way arguments are splitted. One exception though is `cmd.exe` (used among other things to execute batch files), which has its own argument splitting logic. That forces the standard library to implement custom escaping for arguments passed to batch files. Unfortunately it was reported that our escaping logic was not thorough enough, and it was possible to pass malicious arguments that would result in arbitrary shell execution. Due to the complexity of `cmd.exe`, we didn't identify a solution that would correctly escape arguments in all cases. To maintain our API guarantees, we improved the robustness of the escaping code, and changed the `Command` API to return an `InvalidInput` error when it cannot safely escape an argument. This error will be emitted when spawning the process. The fix is included in Rust 1.77.2. Note that the new escaping logic for batch files errs on the conservative side, and could reject valid arguments. Those who implement the escaping themselves or only handle trusted inputs on Windows can also use the `CommandExt::raw_arg` method to bypass the standard library's escaping logic.

Action-Not Available
Vendor-rust-langrust-langrust-langMicrosoft CorporationFedora Project
Product-fedorawindowsrustrustrust
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2024-23616
Matching Score-8
Assigner-Exodus Intelligence
ShareView Details
Matching Score-8
Assigner-Exodus Intelligence
CVSS Score-10||CRITICAL
EPSS-1.88% / 77.12%
||
7 Day CHG~0.00%
Published-25 Jan, 2024 | 23:32
Updated-23 Aug, 2024 | 19:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Symantec Server Management Suite Buffer Overflow

A buffer overflow vulnerability exists in Symantec Server Management Suite version 7.9 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM.

Action-Not Available
Vendor-Broadcom Inc.Symantec Corporation
Product-symantec_server_management_suiteServer Management Suiteserver_management_suite
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-23615
Matching Score-8
Assigner-Exodus Intelligence
ShareView Details
Matching Score-8
Assigner-Exodus Intelligence
CVSS Score-10||CRITICAL
EPSS-1.88% / 77.12%
||
7 Day CHG~0.00%
Published-25 Jan, 2024 | 23:32
Updated-29 May, 2025 | 15:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Symantec Messaging Gateway Buffer Overflow

A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root.

Action-Not Available
Vendor-Symantec CorporationBroadcom Inc.
Product-symantec_messaging_gatewayMessaging Gateway
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-23613
Matching Score-8
Assigner-Exodus Intelligence
ShareView Details
Matching Score-8
Assigner-Exodus Intelligence
CVSS Score-10||CRITICAL
EPSS-1.84% / 76.60%
||
7 Day CHG~0.00%
Published-25 Jan, 2024 | 23:32
Updated-29 May, 2025 | 15:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Symantec Deployment Solution Remote Code Execution

A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM.

Action-Not Available
Vendor-Symantec CorporationBroadcom Inc.
Product-symantec_deployment_solutionsDeployment Solution
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-23652
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-0.58% / 43.71%
||
7 Day CHG~0.00%
Published-22 May, 2026 | 22:03
Updated-19 Jun, 2026 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Power Pages Remote Code Execution Vulnerability

Improper neutralization of special elements used in a command ('command injection') in Microsoft Power Pages allows an unauthorized attacker to execute code over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-power_pagesMicrosoft Power Pages
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2020-12389
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-10||CRITICAL
EPSS-1.73% / 75.02%
||
7 Day CHG~0.00%
Published-26 May, 2020 | 17:03
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.

Action-Not Available
Vendor-Mozilla CorporationMicrosoft Corporation
Product-firefoxwindowsfirefox_esrFirefoxFirefox ESR
CWE ID-CWE-20
Improper Input Validation
CVE-2026-13782
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.29% / 21.22%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:37
Updated-02 Jul, 2026 | 05:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Action-Not Available
Vendor-Apple Inc.Google LLCMicrosoft CorporationLinux Kernel Organization, Inc
Product-chromewindowsmacoslinux_kernelChrome
CWE ID-CWE-416
Use After Free
CVE-2022-37968
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-2.59% / 83.57%
||
7 Day CHG~0.00%
Published-11 Oct, 2022 | 00:00
Updated-02 Jan, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability

Microsoft has identified a vulnerability affecting the cluster connect feature of Azure Arc-enabled Kubernetes clusters. This vulnerability could allow an unauthenticated user to elevate their privileges and potentially gain administrative control over the Kubernetes cluster. Additionally, because Azure Stack Edge allows customers to deploy Kubernetes workloads on their devices via Azure Arc, Azure Stack Edge devices are also vulnerable to this vulnerability.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_stack_edgeazure_arc-enabled_kubernetesAzure Arc-enabled Kubernetes cluster 1.5.8Azure Stack EdgeAzure Arc-enabled Kubernetes cluster 1.8.11Azure Arc-enabled Kubernetes cluster 1.7.18Azure Arc-enabled Kubernetes cluster 1.6.19
CVE-2025-65037
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-10||CRITICAL
EPSS-0.90% / 55.65%
||
7 Day CHG+0.02%
Published-18 Dec, 2025 | 22:02
Updated-16 Apr, 2026 | 14:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Container Apps Remote Code Execution Vulnerability

Improper control of generation of code ('code injection') in Azure Container Apps allows an unauthorized attacker to execute code over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-azure_container_appsAzure Container Apps
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found